<?php
/**
 *公共功能类 
 */
class PublicAction extends Action{
    /**
      +----------------------------------------------------------
     * 用户登录页面
      +----------------------------------------------------------
     */
    public function login() {
        if (!isset($_SESSION[C('USER_AUTH_KEY')])) {
            $this->display();
        } else {
            $this->redirect('Index/index');
        }
    }
    
    
    /**
     *Public公共首页 
     */
    public function index() {
        //如果通过认证跳转到首页
        $this->redirect('Index/index');
    }
    
    /**
      +----------------------------------------------------------
     * 用户登出
      +----------------------------------------------------------
     */
    public function logout() {
        if (isset($_SESSION[C('USER_AUTH_KEY')])) {
            $loginout_success = '安全退出成功！';
            unset($_SESSION[C('USER_AUTH_KEY')]);
            unset($_SESSION);
            session_destroy();
            $this->assign("jumpUrl", U("Public/login"));
            $this->success($loginout_success);
        } else {
            $this->error('退出失败！');
        }
    }
    
    
    /**
     *验证码生成方法 
     */
    public function verify() {
        import('ORG.Util.Image');
        $type = isset($_GET['type']) ? $_GET['type'] : 'png';
        $type = 'png';
        //import("@.ORG.Image");
        Image::buildImageVerify(4, 1, $type);
    }
    
    
    /**
      +----------------------------------------------------------
     * 登录检测方法
      +----------------------------------------------------------
     */
    public function checkLogin() {
        if (empty($_POST['admin_name'])) {
            $this->error('请填写用户名！');
        } elseif (empty($_POST['admin_pwd'])) {
            $this->error('请填写登录密码！');
        } elseif (empty($_POST['verify'])) {
            $this->error('请填写验证码！');
        }

        //生成认证条件

        $map = array();

        // 支持使用绑定帐号登录
        $map['admin_name'] = $_POST['admin_name'];
        $map["status"] = array('gt', 0);

        if ($_SESSION['verify'] != md5($_POST['verify'])) {
            $this->error('验证码错误！');
        }

        import('ORG.Util.RBAC');
        $auth_info = RBAC::authenticate($map);

        //使用用户名、密码和状态的方式进行认证
        if (false === $auth_info) {
            //$this->saveLog(0, 0);
            $this->error('帐号不存在或已禁用！');
        } else {
            if ($auth_info['admin_pwd'] != md5($_POST['admin_pwd'])) {
                //$this->saveLog(0, 0);
                $this->error('密码错误！');
            }

            import('ORG.Util.Session');
            Session::setExpire(time() + fanweC("EXPIRED_TIME") * 60);

            $_SESSION[C('USER_AUTH_KEY')] = $auth_info['id'];
            $_SESSION['admin_name'] = $auth_info['admin_name'];
            $_SESSION['last_time'] = $auth_info['last_time'];
            $_SESSION['login_count'] = $auth_info['login_count'];
            
            //判断是否为超级管理员   是则将session['ADMIN_AUTH_KEY']设置为true
            if ($auth_info['admin_name'] == fanweC('SYS_ADMIN')) {
                $_SESSION[C('ADMIN_AUTH_KEY')] = true;
            }

            //保存登录信息
            $admin = M(C('USER_AUTH_MODEL'));
            $ip = get_client_ip();
            $time = gmtTime();
            $data = array();
            $data['id'] = $auth_info['id'];
            $data['last_login_time'] = $time;
            $data['login_count'] = array('exp', 'login_count + 1');
            $data['last_login_ip'] = $ip;
            $admin->save($data);

            // 缓存访问权限
            RBAC::saveAccessList();
            //$this->saveLog(1, 0);
            $this->success('登录成功！');
        }
    }
}

?>
